author | Shane Lontis <shane.lontis@oracle.com> | 2020-06-08 14:33:27 +1000 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-07-15 23:11:50 +0200 |
commit | 7cc355c2e4e081dca3c6c345a75a2ab16800c807 (patch) | |
tree | af03550512bc59ca961934e9009c6c8fd4be5656 /doc/man3/EVP_EncryptInit.pod | |
parent | c35b8535768e22cd3b7743f4887a72e53a621a5f (diff) |
Add AES_CBC_CTS ciphers to providers
Added Algorithm names AES-128-CBC-CTS, AES-192-CBC-CTS and AES-256-CBC-CTS.
CS1, CS2 and CS3 variants are supported.
Only single shot updates are supported.
The cipher returns the mode EVP_CIPH_CBC_MODE (Internally it shares the aes_cbc cipher code). This
would allow existing code that uses AES_CBC to switch to the CTS variant without breaking code that
tests for this mode. Because it shares the aes_cbc code the cts128.c functions could not be used directly.
The cipher returns the flag EVP_CIPH_FLAG_CTS.
EVP_CIPH_FLAG_FIPS & EVP_CIPH_FLAG_NON_FIPS_ALLOW have been deprecated.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12094)
Diffstat (limited to 'doc/man3/EVP_EncryptInit.pod')
-rw-r--r-- | doc/man3/EVP_EncryptInit.pod | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod
index 36efb4090d..d40402ba1d 100644
--- a/doc/man3/EVP_EncryptInit.pod
+++ b/doc/man3/EVP_EncryptInit.pod
@@ -800,6 +800,50 @@ with a 128-bit key:
 return 1;
 }
+Encryption using AES-CBC with a 256-bit key with "CS1" ciphertext stealing.
+
+ int encrypt(const unsigned char *key, const unsigned char *iv,
+ const unsigned char *msg, size_t msg_len, unsigned char *out)
+ {
+ /*
+ * This assumes that key size is 32 bytes and the iv is 16 bytes.
+ * For ciphertext stealing mode the length of the ciphertext "out" will be
+ * the same size as the plaintext size "msg_len".
+ * The "msg_len" can be any size >= 16.
+ */
+ int ret = 0, encrypt = 1, outlen, len;
+ EVP_CIPHER_CTX *ctx = NULL;
+ EVP_CIPHER *cipher = NULL;
+ OSSL_PARAM params[2];
+
+ ctx = EVP_CIPHER_CTX_new();
+ cipher = EVP_CIPHER_fetch(NULL, "AES-256-CBC-CTS", NULL);
+ if (ctx == NULL || cipher == NULL)
+ goto err;
+
+ if (!EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, encrypt))
+ goto err;
+ /*
+ * The default is "CS1" so this is not really needed,
+ * but would be needed to set either "CS2" or "CS3".
+ */
+ params[0] = OSSL_PARAM_construct_utf8_string(OSSL_CIPHER_PARAM_CTS_MODE,
+ "CS1", 0);
+ params[1] = OSSL_PARAM_construct_end();
+ if (!EVP_CIPHER_CTX_set_params(ctx, params))
+ goto err;
+
+ /* NOTE: CTS mode does not support multiple calls to EVP_CipherUpdate() */
+ if (!EVP_CipherUpdate(ctx, encrypted, &outlen, msg, msglen))
+ goto err;
+ if (!EVP_CipherFinal_ex(ctx, encrypted + outlen, &len))
+ goto err;
+ ret = 1;
+ err:
+ EVP_CIPHER_free(cipher);
+ EVP_CIPHER_CTX_free(ctx);
+ return ret;
+ }
 =head1 SEE ALSO |
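Review bot: The new example does not compile as written, because the EVP_CipherUpdate() and EVP_CipherFinal_ex() calls use `encrypted` and `msglen` while the function declares `out` and `msg_len`. The two calls should read `if (!EVP_CipherUpdate(ctx, out, &outlen, msg, msg_len))` and `if (!EVP_CipherFinal_ex(ctx, out + outlen, &len))`. In addition, `msg_len` is a size_t passed where EVP_CipherUpdate() takes an int length, and the ">= 16" precondition exists only in the comment. Since readers copy this sample, a guard after the declarations such as `if (msg_len < 16 || msg_len > INT_MAX) goto err;` (with <limits.h>) would make both limits explicit instead of relying on silent narrowing.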